This morning I read an article in DataNews, a Belgian IT security newspaper, about a big contract won by a security integrator to deploy a brand new e-mail platform for the Belgian Federal Police. Good news for them!
But why did the journalist disclose sensitive information like the following in his article? (Or why did he receive it?)
- E-mail solution: Borderware
- Dual layers of Firewall technologies: Check Point and Juniper
- DNS caching: cluster of Infoblox appliances
- ISS IPS
The “Security by Obscurity” principle is certainly not an effective protection, but was it necessary to mention so many details to the public? Another “war” principle is “Know your enemy!” Your attack is more likely to succeed if you know the weaknesses of your enemy! This is also true in the digital world!
Article: datanews.be (in French, Google translation here)
Firstly, this is a great opportunity for the reseller (I carefully tread around the word integrator …) to be *known*. It’s a marketing thing, and obviously this reseller is kindly pushed by his distributor (1,2,3, I can guess who that will be …) to reveal as many names as possible. If the police use these technologies, they must be good for me too …
The real deal in this story, if you look at the websites of all these products, is the fact that they’re all touted as easy-to-use, set-and-forget and/or zero administration solutions.
Somebody managed to shove quite the amount of boxes up fedpol’s behind, good on them, now who’s going to secure that stuff?